April 13, 2012

Apple Flashback Virus Weakening

The lab said that the trojan's peak infection numbers were 670,000, making the incident the largest confirmed Mac malware outbreak ever recorded.

Kaspersky estimates that about 300,000 of the infections were in the U.S., 94,000 in Canada, 47,000 in the U.K. and about 42,000 in Australia.

It said that it had seen an encouraging decline in the number of active bots to 237,000 over the Easter weekend, but this could reflect only those machines that were trying to connect to the servers during the time period.

The outbreak has alarmed Apple, which is a company that is infamous for its machines lacking viruses compared to computers running Microsoft's Windows operating systems.

Apple users who are worried about being infected by the malware can help ease their worry by updating their Java software.

The number of Apple computers infected with Flashback has shrunk as Internet security software vendors roll out tools to detect and remove the exploit.

Security vendor Symantec said that a sinkhole operation they have been monitoring had seen the number of infections drop from 380,000 to 270,000 in a 24-hour period.

“The IP addresses are no longer serving malicious content related to OSX.Flashback.K; however, we are monitoring the situation closely should the Flashback gang decide to redistribute their operations,” Symantec officials wrote.

The virus was discovered last year, and operated as a classic Trojan by disguising itself as an update to Adobe Flash.

New versions of the malware were found in late March and earlier this month, with the variants acting more as drive-by malware, which infects the systems when the users go to a malicious Website.

The number of machines affected by the Malware is relatively small when considering viruses that have been found on Windows machines.

The Conficker virus detected in November 2008 infected an estimated number of between 9 million to 15 million machines during 2009.

Microsoft said the total number of infect computers detected by its antimalware products remained at around 1.7 million from mid-2010 to mid-2011.

Information Security expert Adrian Sanabria said he has some suspicions on the number of Apple machines reportedly infected by the Flashback virus.

“However, given that the company reporting these numbers is in the business of selling anti-virus software, I think we need to see their claims corroborated before we get too excited,” Sanabria said in a report.